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In this tutorial, selected topics of cryptology and of computational complexity theory are presen 
We give a brief overview of the history and the foundations of classical cryptography, and then 
on to modern public-key cryptography. Particular attention is paid to cryptographic protocols an 
problem of constructing key components of protocols such as one-way functions. A function is o 
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design of randomized algorithms. These techniques are illustrated using 12 randomized algorith 
both sequential and distributed— that span a wide range of applications, including: primality tes 
classical problem in number theory), interactive probabilistic proofs ... 

Keywords: Byzantine agreement, CSP, analysis of algorithms, computational complexity, dinin 
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We present a practical system for conducting sealed-bid auctions that preserves the secrecy of 
bids while providing for verifiable correctness and trustworthiness of the auction. The auctionee 
accept all bids submitted and follow the published rules of the auction. No party receives any us 
information about bids before the auction closes and no bidder is able to change or repudiate he 
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In the Outsourced Database (ODB) model, entities outsource their data management needs to < 
third-party service provider. Such a service provider offers mechanisms for its clients to create, 
update, and access (query) their databases. This work provides mechanisms to ensure data inte 
and authenticity for outsourced databases. Specifically, this article provides mechanisms that as 
the querier that the query results have not been tampered with and are authentic (with respect 
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This paper describes the direct anonymous attestation scheme (DAA). This scheme was adoptee 
the Trusted Computing Group (TCG) as the method for remote authentication of a hardware mc 
called Trusted Platform Module (TPM), while preserving the privacy of the user of the platform t 
contains the module. DAA can be seen as a group signature without the feature that a signature 
be opened, i.e., the anonymity is not revocable. Moreover, DAA allows for pseudonyms, i.e., for 
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The aim of electronic voting schemes is to provide a set of protocols that allow voters to cast be 
while a group of authorities collect the votes and output the final tally. In this paper we describe 
practical multi-candidate election scheme that guarantees privacy of voters, public verifiability, 
robustness against a coalition of malicious authorities. Furthermore, we address the problem of 
receipt-freeness and incoercibility of voters. Our new scheme is based on the Paillier cryp ... 
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In this paper we extend the notion of zero knowledge proofs of membership (which reveal one t 
information) to zero knowledge proofs of knowledge (which reveal no information whatsoever), 
formally defining this notion, we show its relevance to identification schemes, in which parties p 
their identity by demonstrating their knowledge rather than by proving the validity of assertions 
describe a novel scheme which is provably secure if factoring is difficult and whose practic ... 
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Full text available: pdf(781.40 KB) Additional Information: full citation , abstract , references , citings, index terms 

A fair exchange protocol allows two users to exchange items so that either each user gets the o 
item or neither user does. In [2], verifiable encryption is introduced as a primitive that can be u 
build extremely efficient fair exchange protocols where the items exchanged represent digital 
signatures. Such protocols may be used to digitally sign contracts. This paper presents new simp 
schemes for verifiable encryption of digital signatures. We make us ... 
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Recent work [27, 15] introduced a novel peer-to-peer application that leverages content sharint 
aggregation among the peers to diagnose misconfigurations on a desktop PC. This application p 
interesting challenges in preserving privacy of user configuration data and in maintaining integr 
troubleshooting results. In this paper, we provide a much more rigorous cryptographic and yet 
practical solution for preserving privacy, and we investigate and analyze solutions for ensuring 
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Publisher: ACM Press 

Full text available: *g pdf(1 99.48 KB) Additional Information: full citation , abstract , references , citing s, index terms 

In order to design an exceptionally efficient mix network, both asymptotically and in real terms, 
develop the notion of almost entirely correct mixing, and propose a new mix network that is aln 
entirely correct. In our new mix, the real cost of proving correctness is orders of magnitude fast 
than all other mix nets. The trade-off is that our mix only guarantees "almost entirely correct" r 
i.e it guarantees that the mix network processed correctly all inputs with high (but not overw ... 
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Concurrent executions of a zero-knowledge protocol by a single prover (with one or more verifk 
may leak information and may not be zero-knowledge in toto. In this article, we study the probl 
maintaining zero-knowledge. We introduce the notion of an (a, |3) timing constraint: for any two 
processors P 1 and P 2 , if P x measures a elapsed time on its local clock and P 2 measures (3 elapse 
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Publisher: ACM Press 

Full text available: ^ pdf(258.12 KB) Additional Information: full citation , abstract , references , index terms 

This paper presents a new simple schemes for verifiable encryption of digital signatures. We me 
use of a trusted third party (TTP) but in an optimistic sense, that is, the TTP takes part in the pr 
only if one user cheats or simply crashes. Our schemes can be used as primitives to build efficie 
exchange and certified e-mail protocols. 

Keywords: Certified e-mail, contract signing, digital signatures, fair exchange, proof of knowle 
public-key cryptography 
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We present a mathematical construct which provides a cryptographic protocol to verifiably shufi 
sequence of k modular integers, and discuss its application to secure, universally verifiable, mul 
authority election schemes. The output of the shuffle operation is another sequence of k module 
integers, each of which is the same secret power of a corresponding input element, but the ord< 
elements in the output is kept secret. Though it is a trivial matter for the "shu ... 
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Full text available: *g pdf(250.40 KB) Additional Information: full citation , abstract , references , index terms 

Group signatures have recently become important for enabling privacy-preserving attestation in 
projects such as Microsoft's ngscb effort (formerly Palladium). Revocation is critical to the secur 
such systems. We construct a short group signature scheme that supports Verifier-Local Revoca 
(VLR). In this model, revocation messages are only sent to signature verifiers (as opposed to b( 
signers and verifiers). Consequently there is no need to contact individual signers when some u 
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This paper introduces a novel approach for augmenting attribute-based access control systems 
way that allows them to offer fully anonymous access to resources while at the same time achie 
strong accountability guarantees. We assume that users hold attribute certificates and we show 
to exploit cryptographic zero-knowledge proofs to allow requesting users to prove that they hol< 
suitable certificates for accessing a resource. In contrast to the commonly taken approach of se 
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